Please enable JavaScript.

Coggle requires JavaScript to display documents.

Difinitions (Security threat analysis (technique used to identify…

Difinitions

Security assessment

process consists of a comprehensive and continuous analysis of the security threat to the system that involves an auditing of the system, assessing the vulnerabilities of the system, and maintaining a creditable security policy and a continues installation of patches and security updates.

security policy

set of policies and procedures that impact and potentially limit the freedoms and of course levels of individual security responsibilities of all users.

Threat identification

is a process that defines and points out the source of the threat and categorizes it as either a person or an event.

deliberate threats

the act is done with the intention to breach the security of an object.

non-deliberate threats

acts and situations that, although they have the potential to cause harm to an object, they were not intended.

Human factor

Human factors are those acts that result from human perception and physical capabilities and may contribute increased risks to the system

Security threat analysis

technique used to identify threats on resources with higher value and to focus on them.

process that involves ongoing testing and evaluation of the security of a system's resources to continuously and critically evaluate their security from the perspective of a malicious intruder and then use the information from these evaluations to increase the overall system's security.

exposure factor

percentage loss that would occur from a given vulnerability being exploited

Attack Tree Method

visual representation of possible attacks against a given target.

Policies

written descriptions of the security precautions that everyone using the system must follow.

Procedures

how to implement the policies for a specific system or technology.

Practices

day-to-day operations to implement the procedures.

Certification

technical evaluation of the effectiveness of a system or an individual for security features